On Wed, Nov 30, 2016 at 04:19:40PM +0100, Christian Seiler wrote: > On 11/30/2016 02:33 PM, Virgo Pärna wrote: > > On Fri, 25 Nov 2016 15:41:45 +0100, Christian Seiler <christ...@iwakd.de> > > wrote: > >> > >> is not an issue (it works fine), but I had modified the cron job to > >> pass --renew-hook and --post-hook to certbot. (As far as I can tell, > >> there's no way of setting these in a configuration file.) The only > > > > I think that /etc/letsencrypt/cli.ini is supposed to work for it. > > As far as I am aware this is non-standard, and all examples with > that file name I could find would do > > certbot --config /etc/letsencrypt/cli.ini > > However, certbot --help paths clearly states that --config has no > default value, so by default certbot does not read that file, and > strace confirms it. Actually, the only files read in by certbot > in /etc/letsencrypt are /etc/letsencrypt/renewal/$certname.conf > and /etc/letsencrypt/archive/$certname/cert$N.pem.
The help is wrong there; that's an instance of this bug: https://github.com/certbot/certbot/issues/3734 https://bugs.python.org/issue28742 I'm adding the --config flag you noticed as another case of that bug. We'll try to get a fix for that (which will probably require vendorng the argparse library) included in upstream Certbot before Stretch freezes ;) -- Peter Eckersley p...@eff.org Chief Computer Scientist Tel +1 415 436 9333 x131 Electronic Frontier Foundation Fax +1 415 436 9993
